
SuSE alert: bind8


BIND, the Berkeley Internet Name Daemon, versions before 8.2.2p7, has
been found vulnerable to two denial of service attacks: named may crash
after a compressed zone transfer request (ZXFR), and also if an SRV record
(defined in RFC2782) is sent to the server. Administrators testing
the ZXFR bug should be aware that it can take several seconds after
triggering the bug until the nameserver daemon crashes.
SuSE versions 6.0 through 6.4 are affected by these two problems.
The bind8 package in SuSE-7.0 is not affected because a different
version of bind8 (8.2.3) was used in this distribution. By the release
time of the SuSE-7.0 distribution our engineers have determined that
the problems we had with stalling zone transfers under some obscure
conditions were not present with the 8.2.3 release of the package.

Administrators are strongly recommended to upgrade their bind8 package
using the provided packages from the sources below. There is a
temporary fix for the ZXFR problem (disable zone transfers) but none
for the SRV record problem.
For the latest information about security vulnerabilities in the bind
name server consider the Internet Software Consortium bind security
webpage at http://www.isc.org/products/BIND/bind-security.html .

To check if your system has the vulnerable package installed, use the
command `rpm -q <package name>'. If applicable, please choose the update
package(s) for your distribution from the URLs listed below and download
the necessary rpm files. Then, install the package using the command
`rpm -Uhv file.rpm'. rpm packages have an internal md5 checksum that
protects against file corruption. You can verify this checksum using
the command (independently from the md5 signatures below)
`rpm --checksig --nogpg file.rpm'.
The md5 sums under each package are to prove the package authenticity,
independently from the md5 checksums in the rpm package format.
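
Added example (not part of the SuSE advisory): a shell function that decides
whether an upstream BIND 8 version string, as reported by the running named,
is older than 8.2.2p7. The function names and the accepted spellings of the
patch level (p5, -P5) are assumptions; the release number printed by
`rpm -q' is not interpreted.

```shell
#!/bin/sh
# Added example, not part of the SuSE advisory.
# Classifies an upstream BIND 8 version string against 8.2.2p7, the first
# release the advisory treats as fixed.
# Assumed input format: MAJOR.MINOR.PATCH with an optional patch level
# written as pN, PN, -pN or -PN (8.2.2p5, 8.2.2-P7, 8.2.3).

# Print "MAJOR MINOR PATCH [PLEVEL]", or nothing if the string does not parse.
bind_version_fields() {
    printf '%s\n' "$1" | sed -n -E \
        's/^([0-9]+)\.([0-9]+)\.([0-9]+)(-?[pP]([0-9]+))?$/\1 \2 \3 \5/p'
}

# Exit status: 0 = older than 8.2.2p7 (affected)
#              1 = 8.2.2p7 or newer (not affected by these two bugs)
#              2 = not a BIND 8 version this function understands
bind8_is_affected() {
    fields=$(bind_version_fields "$1")
    [ -n "$fields" ] || return 2
    set -- $fields                    # split into positional parameters
    set -- "$1" "$2" "$3" "${4:-0}"   # a missing patch level counts as 0
    [ "$1" -eq 8 ] || return 2        # the advisory only covers BIND 8
    for fixed in 8 2 2 7; do
        [ "$1" -lt "$fixed" ] && return 0
        [ "$1" -gt "$fixed" ] && return 1
        shift
    done
    return 1                          # exactly 8.2.2p7
}

# Constructed sample strings, not taken from the advisory.
for v in 8.1.2 8.2.2 8.2.2-P5 8.2.2p7 8.2.3 9.1.0 garbage; do
    rc=0
    bind8_is_affected "$v" || rc=$?
    case $rc in
        0) verdict="affected: upgrade" ;;
        1) verdict="not affected" ;;
        *) verdict="not classified: check by hand" ;;
    esac
    printf '%-10s %s\n' "$v" "$verdict"
done
```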

A new security announcement follows this advisory.
______________________________________________________________________________

3) standard appendix:

SuSE runs two security mailing lists to which any interested party may
subscribe:

suse-security@suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe@suse.com>.

suse-security-announce@suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe@suse.com>.

For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info@suse.com> or
<suse-security-faq@suse.com> respectively.

The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.